Anastasia Dokuchaeva
Head of Products at Clausematch
June 12, 2020

Managing back to work risks: view from a compliance perspective

In just a few weeks, the novel coronavirus pandemic has turned people's daily lives upside down and had a profound influence on the
way they work. Many firms now are asking themselves whether employees will be prepared to return to the kinds of working patterns
they had before, once the pandemic is over.

Twitter has told employees they can work from home "forever"; Google says that the majority of its employees will work from home until
2021. Barclays' chief executive has stated that big offices "may be a thing of the past", and at the end of May, staff at the London-based
bank were told in a memo that those staff asked to return to the office would mostly be traders and others who were unable to work
from home. According to those in the know, such staff comprise less than 1% of the bank's headcount worldwide.

Another example is Facebook. "We are going to be the most forward-leaning company on remote work at our scale," Mark Zuckerberg,
chief executive, said in a recent interview. Zuckerberg said his employees had the full power to chose not to return to work in the
company's San Francisco offices. He added they were even free to move out of the area, although he warned that their salaries might
then be adjusted to reflect the cost of living wherever they ultimately decided to live. He said he expected 50% of the company's
employees to be working from home within the next five to 10 years.

Managing back-to-work risks

Experts have said flexible working will be the norm once lockdown ends, but regardless of whether staff return to physical offices or work remotely for all or part of the time, the new work reality will be very different, as will the risks employers then need to manage. If employees are unwilling to return to work in an office due to safety concerns, firms will need to identify the risks involved in home working.

At the same time, firms preparing to reopen their offices are exploring new measures, including the use of sanitisers, restricted access to lifts and kitchens, one-way staircases, and the distribution of masks and other personal protective equipment to employees. Practical issues to consider include establishing how many people would be allowed to enter an office on any given day. For example, physical distancing measures may mean that only two people can use a lift at any one time. The net result has been that, where technological transformation used to be a long-term project, businesses have now had to move up their timetables.

Alastair Keatley, head of legal and compliance at ClauseMatch, has shared the following list of policies which may need to be adjusted
to safeguard the post-COVID-19 work environment:

Health and safety policy/employee handbook — the law clearly states that employers owe a duty of care to the safety of their employees, meaning that policies and risk categories for theses areas are now much wider. With remote working clearly on the increase, to what extent will employees be back in the physical space?

Expenses policies
— energy costs, food costs, home office costs.

Business continuity
— service response, call connection.

Employment contracts
— remote working provision needs to be included in contracts.

Remote working/teleworking
— enhanced measures for network security, e.g., protected wifi networks, mobile devices, biometric security.

Physical security policies for remote workers
— environmental security is only as good as every individual's environment, e.g., shared living spaces, network security.

Travel and environmental policy
— consider the greater influence that firms can have on their environmental impact.

The list has the potential to be much longer, depending on each firm's specific activities. Home offices in particular present a number of emerging risks for financial firms and insurance companies, including cyber security, long stretches of inactivity from a health perspective and potential business interruption due to greater reliance on video conferencing tools

A new level of risk-related chaos in policy management? Tech to the rescue

Organisations have always struggled to adapt quickly and implement new policies. The pandemic has highlighted the need for an established systems approach to compliance. Compliance and operational risk teams have found it hard to keep up with daily updates and evolving governmental guidance. It has not just been assessing the impact of these guidelines every day that has proved hard but also knowing how best to communicate shifts in policy and practice to employees effectively and quickly.

The change has exposed a stark truth. No matter how, or where, their staff work in future, firms will need to change their approach to
risk management. Systems that provide real-time collaborative working, reporting and an audit trail of all decisions on policy changes,
obligations and impact assessments are the future. As the situation evolves, this new systems-based level of workplace compliance will
be the only way to overcome the overwhelming burden of risk management.

This article was first published by THOMSON REUTERS